Author Topic: How to configure SpamAssassin  (Read 13945 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
How to configure SpamAssassin
« on: March 09, 2020, 08:43:41 PM »
Hello

The "How to configure Spamassassin" section to wiki here --> https://wiki.centos-webpanel.com/how-to-configure-spamassassin is outdated.

So it would be great to be updated with the following or just update the configuration files locations mentioned there.

Step 1. Edit the configuration (/etc/mail/spamassassin/local.cf)  file with the settings below

Quote
required_hits 5
report_safe 0
required_score 5
rewrite_header Subject [***SPAM***]

Step 2. Edit  /etc/sysconfig/spamassassin file with below config (replacing everything in it) and save it

Code: [Select]
SAHOME="/var/lib/spamassassin/"
SPAMDOPTIONS="-d -c -m5 -H --username nobody -s ${SAHOME}spamd.log"

Step 3. Edit configuration file in Postfix. Open the file /etc/postfix/master.cf and edit/add the config below then save it.

Code: [Select]
smtp      inet  n       -       n       -       -       smtpd
  -o content_filter=smtp-amavis:127.0.0.1:10024
  -o receive_override_options=no_address_mappings
  -o content_filter=spamassassin

Code: [Select]
spamassassin      unix -      n      n      -      -      pipe
  user=nobody argv=/usr/bin/spamc -f -e
  /usr/sbin/sendmail -oi -f ${sender} ${recipient}

Step 4. Restart Postfix and SpamAssasin services

You are ready to go :)

Extra configuration tips

- In case you want mail to be deleted automaticaly and not receive the header rewritten with [***SPAM***] then you can set 

Code: [Select]
report_safe 1
to step 1.
 
- If you wish to make server more strict you can set the following flag lower. So 0 will always pass but if we set it to 3 that means a lot of mail will get flaged.

Code: [Select]
required_score 5
- One more configuration you could play is the following. The more you lower this value your mailserver will become strict.

Code: [Select]
required_hits 5
You need a reliable hosting company for your website or your eshop?
Need a cheap, reliable, fast and secure hosting?
You want fast support and action to every technical issue?
Freespirits is here for you :) - Don't look any further!

Offline
*
Re: How to configure SpamAssassin
« Reply #1 on: June 04, 2020, 01:06:08 AM »
Thank you so much for this.

I am in desperately need of this config since I moved back to CWP.

I am getting an awful lots of unwanted emails and viruses.

Let me check and update this thread if it works.

The official instructions is definitely outdated because it didnt work for me.


Speaking of viruses, I am also in doubt that the Clamav email antivirus work.
I am receiving attachments in zip, img, pdf that turn out to be viruses.

Hopefully spamassassin will block them first hand.

Offline
*
Re: How to configure SpamAssassin
« Reply #2 on: June 04, 2020, 08:53:15 AM »
Hello

I guess you should use

Code: [Select]
report_safe 1
If you want to avoid and block many phishing mails you should first rebuild your mail server Email --> Mailserver Manager
Checking the following

1. AntiSpam/AntiVirus (recommended)
2. rDNS Check (recommended)

The next step is to configure Spamassasin and  restart the services.

You will notice a 98% reduce in SPAM and phishing mails. There is an outbreak of those messages lately because of the pandemic.
So CWP7 is the best solution to keep safe from dangerous mails and of course keep you psychologically healthy  ;)
You need a reliable hosting company for your website or your eshop?
Need a cheap, reliable, fast and secure hosting?
You want fast support and action to every technical issue?
Freespirits is here for you :) - Don't look any further!

Offline
*
Re: How to configure SpamAssassin
« Reply #3 on: June 05, 2020, 02:13:36 AM »
Thank you. I just did that.

Your instructions to configure spamassassin definitely works!

They are now being tagged as spam. Finally.

But I want to further strengthen the security by completely blocking domains.

Went to do this one.
https://forum.centos-webpanel.com/e-mail/spam-config/

Now sure yet if it worked.

Offline
*
Re: How to configure SpamAssassin
« Reply #4 on: June 05, 2020, 08:07:53 AM »
I am glad everything is working fine  ;)

I guess you want to avoid hackers using your system to send spam and not block a subscription to your server.
So i would propose to add/replace the following to your main.cf

Code: [Select]
#add to avoid spaming and blacklisting
smtpd_sender_restrictions =
   permit_mynetworks
   permit_sasl_authenticated
   reject_unknown_sender_domain
   reject_unknown_reverse_client_hostname
   reject_unknown_client_hostname
#add to avoid relay
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination

Restart mailserver.
You need a reliable hosting company for your website or your eshop?
Need a cheap, reliable, fast and secure hosting?
You want fast support and action to every technical issue?
Freespirits is here for you :) - Don't look any further!

Re: How to configure SpamAssassin
« Reply #5 on: July 29, 2020, 01:05:09 PM »
@Freespirits_GR_Host
Thanks for the very useful post.
I prefer to set spamd.log to /var/log ;)

Offline
*
Re: How to configure SpamAssassin
« Reply #6 on: July 29, 2020, 10:05:47 PM »
Hello cynique and thank you.

There is a great option that i would like to point to CWP7 panel and that is "Monitoring via Monit"
A great tool to monitor your server against spam is to enable this option and add  postfix-queue.conf and edit it so that you get a warning if more than 10 messages (or less) are in the queue.

Code: [Select]
check program postfix-queue with path "/scripts/check_postqueue 10"
 if status != 0 then alert

Hope that is one more helpful tool against spam and easy way to avoid getting into blacklists.  ;)
You need a reliable hosting company for your website or your eshop?
Need a cheap, reliable, fast and secure hosting?
You want fast support and action to every technical issue?
Freespirits is here for you :) - Don't look any further!

Offline
*
Re: How to configure SpamAssassin
« Reply #7 on: August 17, 2020, 09:01:38 AM »
Thank you very much for the updated configuration. It saved me a lot of time.

Offline
*
Re: How to configure SpamAssassin
« Reply #8 on: May 21, 2023, 07:03:50 PM »
thanks, i will try.

In the maser.cf file, "-o content_filter=" is mentioned in three lines. Do I need to change the others as well?

Offline
*
Re: How to configure SpamAssassin
« Reply #9 on: May 21, 2023, 07:06:28 PM »
I can't find this line in the master.cf file.
Would you suggest I add it to the bottom?

Code: [Select]
spamassassin      unix -      n      n      -      -      pipe
  user=nobody argv=/usr/bin/spamc -f -e
  /usr/sbin/sendmail -oi -f ${sender} ${recipient}

Offline
*
Re: How to configure SpamAssassin
« Reply #10 on: May 21, 2023, 07:25:54 PM »
I can't find this line in the master.cf file.
Would you suggest I add it to the bottom?

Code: [Select]
spamassassin      unix -      n      n      -      -      pipe
  user=nobody argv=/usr/bin/spamc -f -e
  /usr/sbin/sendmail -oi -f ${sender} ${recipient}

That is exactly what I suggest.  ;). You should add it to the bottom of the file after the SPF Check.
You need a reliable hosting company for your website or your eshop?
Need a cheap, reliable, fast and secure hosting?
You want fast support and action to every technical issue?
Freespirits is here for you :) - Don't look any further!

Offline
*
Re: How to configure SpamAssassin
« Reply #11 on: May 27, 2023, 10:28:26 PM »
@Freespirits_GR_Host

Thank you so much for this easy guide :) One thing is that the AmaVis service is disabled in my CWP instance by default, does this configuration need that to be enabled? Do I really need ClamAV & AmaVis side by side?

TiA

Offline
*
Re: How to configure SpamAssassin
« Reply #12 on: May 28, 2023, 10:04:38 AM »
@Freespirits_GR_Host

Thank you so much for this easy guide :) One thing is that the AmaVis service is disabled in my CWP instance by default, does this configuration need that to be enabled? Do I really need ClamAV & AmaVis side by side?

TiA

Hello  :)
AmaVis is a very important tool to the whole implementation as it helps to block spam,  viruses and malware. You can find more information to the following links to understand why it is critical to have it installed
https://wiki.archlinux.org/title/Amavis
https://en.wikipedia.org/wiki/Amavis
You need a reliable hosting company for your website or your eshop?
Need a cheap, reliable, fast and secure hosting?
You want fast support and action to every technical issue?
Freespirits is here for you :) - Don't look any further!

Offline
****
Re: How to configure Postfix
« Reply #13 on: May 30, 2023, 03:56:21 AM »
For proper form, multi-line postfix directives should have commas at the end of each line:
Code: [Select]
smtpd_sender_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_unknown_sender_domain,
    reject_unknown_reverse_client_hostname,
    reject_unknown_client_hostname

Offline
*
Re: How to configure SpamAssassin
« Reply #14 on: May 31, 2023, 04:15:56 PM »
Hi,

I´m new here, but How I configure rules in user_prefs into /home/User-Directory?

In CPANEL exist rules specific to user into /home/User-Directory/.spamassassin/user_prefs

I can to put user prefs but is not working. What have I to do in /usr/share/spamassassin/local.cf or /etc/mail/spamassassin/local.cf to spamassassin to read rules in user preferences into directory each user?

Thank you!